Tagged Questions
1
vote
3answers
199 views
Using buffer overflow to execute shell code
I've been learning computer security lately and come across a couple problems, and i'm having some trouble with this one in particular.
I'm given a function with a fixed buffer I need to overflow in ...
9
votes
2answers
255 views
Compile C to allow for Buffer Overflow
I am learning about buffer overflows and am trying to make one. I have this code:
#include <stdio.h>
char *secret = "password";
void go_shell() {
char *shell = "/bin/sh";
char *cmd[] ...
0
votes
2answers
58 views
Why is the fgets function deprecated?
From The GNU C Programming Tutorial:
The fgets ("file get string") function is similar to the gets
function. This function is deprecated -- that means it is obsolete
and it is strongly ...
0
votes
1answer
81 views
overflowing the stack into a variable confusion(computer security)
I'm learning computer security through a book i've found online(pretty new to this stuff, go easy!), and one chapter teaches you about overflowing the stack. The function used in the program is:
void ...
-1
votes
0answers
96 views
How many variable/buffer overflows are there in this C programming code?
#include <stdio.h>
#include <string.h>
#include <limits.h>
int main(int argc, char *argv[])
{
FILE *fp;
char filename[128];
char strings[USHRT_MAX][50];
unsigned short cnt = 0;
...
-1
votes
2answers
52 views
what could go wrong in the following code? [closed]
char* function (char* s)
{
char buffer[1024];
strcpy(buffer,s);
buffer[strlen(s)-1]='\n';
return buffer;
}
for this function i think there are three things that may fail this code:
...
0
votes
0answers
50 views
Buffer overflow exploit : segfault on function ret to stack code
I'm trying to exploit a buffer overflow in a test program to execute arbitrary code. I'm on NetBSD 6 i386. Here is the C code:
int checkPassword(char *password)
{
char ...
1
vote
1answer
59 views
ASLR brute force
I just read about Address Space Layout Randomization and I tried a very simple script to try to brute force it. Here is the program I used to test a few things.
#include <stdio.h>
#include ...
0
votes
1answer
74 views
Exploiting Buffer Overflow
I have come across a C program which has a buffer overflow flaw. We need to make the program work in our way. As per my understanding overflowing the buffer would overwrite the next memory location. ...
5
votes
2answers
3k views
stack execution protection and randomization on ubuntu
As part of a course assignment i need to write an exploit code to cause a buffer overflow and execute code that is present on stack.
I have turned off the stack randomiztion by the following command:
...
0
votes
0answers
66 views
Buffer Overflow esp offset
I'm a computer engineering student who is studying how stack buffer overflows work. The book I'm reading is The Art of Exploitation (1st edition) by Jon Erickson.
In order to practice what I'm ...
0
votes
0answers
72 views
Jack ringbuffer
I have a problem with jack_ringbuffer, when the jack ringbuffer is full it does not get any more new data. I want to ring bufer when it will release full of old data and new data received.
I using ...
0
votes
0answers
65 views
Buffer Overflow using environmental variable - problems
I'm taking a class on security. I have this C code that I have to exploit on a linux system.
#include <stdio.h>
#include <string.h>
int main(int argc, char** argv){
char buffer[500];
...
1
vote
3answers
88 views
Shellcode: perform 2 execve() calls
I am trying to write shellcode in assembly. I need to perform a /usr/bin/killall command AND a /usr/bin/wget command. I have both commands running perfectly in shellcode with the execve() syscall. But ...
6
votes
5answers
2k views
Is sscanf considered safe to use?
I have vague memories of suggestions that sscanf was bad. I know it won't overflow buffers if I use the field width specifier, so is my memory just playing tricks with me?
